Xcitium Cloud Verdict

File Name: java.exe

File Type: PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows

SHA1: 54bcf774774d5a64bb0f7641325f381443a5dfca

MD5: c7ace8d52dbc590cb25b467528eb72b7

Download Kill Chain Report

Contacted IPs

Network Port Distribution

Name	IP	Country	ASN	ASN Name	Trigger Process Type
	8.8.4.4	United States	15169	Level 3 Parent, LLC	Malware Process
	185.10.68.220	Seychelles	200651	Not known	Malware Process
	109.71.252.45		213250	Not known	Malware Process
eu.minerpool.pw	107.182.129.82	United States	211252	Serverion LLC	Malware Process

HTTP Packets

Host	Port	Method	Version	User Agent	Count	Call Time During Execution(Sec)

DNS Queries/Answers

Request	Type
eu.minerpool.pw	A
Answers - 185.10.68.123 (A) - 109.71.252.45 (A) - 107.182.129.82 (A) - 185.10.68.220 (A)

TCP Packets

Call Time During Execution(sec)	Source IP	Dest IP	Dest Port
34.7660219669	Sandbox	185.10.68.220	443

UDP Packets

Call Time During Execution(sec)	Source IP	Dest IP	Dest Port
6.77580499649	Sandbox	224.0.0.252	5355
6.77638292313	Sandbox	224.0.0.252	5355
6.78634691238	Sandbox	239.255.255.250	3702
6.80484890938	Sandbox	192.168.56.255	137
9.35859489441	Sandbox	224.0.0.252	5355
9.5472509861	Sandbox	8.8.4.4	53
12.803716898	Sandbox	192.168.56.255	138

Loading...